<?php
	header('Content-Type: text/html; charset=utf-8');
	// connexion
	include_once("../config.php");
	dbconnect();
	include('buildrss.php');
	
	if(isset($_POST['add']))
	{
		$date = $_POST['date'];
		$titre = $_POST['titre'];
		$texte = $_POST['texte'];
		$sql = "INSERT INTO posts VALUES('','$date','$titre','$texte')";
		$req = mysql_query($sql) or die('Erreur SQL !<br>'.$sql.'<br>'.mysql_error()); 
		echo "Post ajouté";
		$editId = mysql_insert_id();
		buildrss('../');
	}
	else if(!empty($_POST['edit']))
	{
		$id = $_POST['edit'];
		$date = $_POST['date'];
		$titre = $_POST['titre'];
		$texte = $_POST['texte'];
		$sql = "UPDATE posts SET date='$date', titre='$titre', texte='$texte' WHERE id='$id'";
		$req = mysql_query($sql) or die('Erreur SQL !<br>'.$sql.'<br>'.mysql_error()); 
		echo "Post édité";
		buildrss('../');
	}
	else if(!empty($_POST['delete']))
	{
		$sql = "DELETE FROM posts WHERE id=".$_POST['delete'];
		$req = mysql_query($sql) or die('Erreur SQL !<br>'.$sql.'<br>'.mysql_error()); 
		echo "Post supprimé";
		buildrss('../');
	}
	else if(!empty($_POST['draft']))
	{
		$fichier = $_POST['draft'];
		$titre = $_POST['titre'];
		$texte = $_POST['texte'];
		$handle = fopen ("draft/".$fichier.".txt", 'w');
		$titre = stripslashes($titre);
		$texte = stripslashes($texte);
		fwrite ($handle, $titre."\n");
		fwrite ($handle, $texte);
		fclose($handle);
		echo $fichier." saved";
	}
	else if(isset($_POST['listdraft']))
	{
		$dir = "draft/";
		if (($dp = opendir($dir)) != false)
		{
			echo "<ul>\n";
			while (($file = readdir($dp)) != false)
				if ($file[0] != "." && !is_dir($file))
				{
					echo '<li><a href="javascript:loadDraft(\''.substr($file,0,-4).'\')">'.$file."</a>\n";
					echo ' (<a href="../preview.php?draft='.substr($file,0,-4).'">voir</a>)'."\n";
					echo ' (<a href="javascript:deleteDraft(\''.substr($file,0,-4).'\')">effacer</a>)</li>'."\n";
				}
			closedir($dp);
			echo "</ul>\n";
		}
	}
	else if(!empty($_POST['deletedraft']))
	{
		$fichier = $_POST['deletedraft'];
		unlink("draft/".$fichier.".txt");
		echo $fichier." effacé";
	}
	else if(isset($_POST['deleteImage']))
	{
		$dir = $_POST['dir'];
		$file = $_POST['file'];
		$full = $dir.$file;
		$tiny = $dir.'__'.$file;
		$display = $dir.'_'.$file;
		@unlink($full);
		@unlink($tiny);
		@unlink($display);
		echo "Image supprimée";
	}
	else if(!empty($_POST['editComm']))
	{
		$id = $_POST['editComm'];
		$nom = $_POST['nom'];
		$email = $_POST['email'];
		$texte = $_POST['texte'];
		$sql = "UPDATE comments SET nom='$nom', email='$email', texte='$texte' WHERE id='$id'";
		$req = mysql_query($sql) or die('Erreur SQL !<br>'.$sql.'<br>'.mysql_error()); 
		echo "Commentaire édité";
		buildrss('../');
	}
	else if(!empty($_POST['deleteComm']))
	{
		$sql = "DELETE FROM comments WHERE id=".$_POST['deleteComm'];
		$req = mysql_query($sql) or die('Erreur SQL !<br>'.$sql.'<br>'.mysql_error()); 
		echo "Commentaire supprimé";
		buildrss('../');
	}
	else
		echo "Aucune action !";
?>